<?php

/**
 * 商家登录处理
 * @author yjmp 
 */

define('IN_ECS', true);
define('ECS_ADMIN', true);

require(dirname(__FILE__) . '/includes/init.php');

$act = !empty($_REQUEST['act'])? trim($_REQUEST['act']) : 'login';

if ($act == 'login') {
    if (empty($_SESSION['shop_id'])) {
        header("Location: index.php?act=shop_login"); 
        exit;
    }
}

elseif ($act == 'action_login') {
    //get data
    $tel = !empty($_POST['tel'])? trim($_POST['tel']) : 0;
    $password  = !empty($_POST['password'])? trim($_POST['password']) : '';
    //check data
    if ($tel == '') {
        $content = '手机号不能为空';
        send_err_msg($content);
    }
    if ($password == '') {
        $content = '密码不能为空';
        send_err_msg($content);
    }

    //$password_format = md5(md5($password).'10086'); // 密码加密
    if (!check_shop_data($tel,$password)) {
       $content = '手机号或密码错误';
        send_err_msg($content);
        exit;
    }

    $shop_id = $GLOBALS['db']->getOne('SELECT goods_id FROM '.$GLOBALS['ecs']->table('goods').' WHERE tel = "'.$tel.'" AND pwd = "'.$password.'"');
    $_SESSION['shop_id'] = $shop_id;
    
    //进入商家中心
    $content = '登录成功';
    $link = 'shop_info.php';
    show_yj_message($content,$link);
    exit;
}

/**
 * 商家数据验证
 * @param  string $tel      商家手机号
 * @param  string $password 商家断码
 * @return bool           是不通过验证
 */
function check_shop_data($tel,$password)
{
    if ($tel != '' && $password != '') {
        $pass = $GLOBALS['db']->getOne('SELECT COUNT(*) FROM '.$GLOBALS['ecs']->table('goods').' WHERE tel = "'.$tel.'" AND pwd = "'.$password.'" AND is_on_sale = 1 ');
        return $pass? true : false;
    }
    return false;
}
?>
